Alert.png The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

Difference between revisions of "EGI Software Component Delivery"

From EGIWiki
Jump to navigation Jump to search
Line 3: Line 3:
  {{TOC_right}}
  {{TOC_right}}


= Initial activities  =
<br> EGI's UMD Provisioning activity governs and executes two main processes:


'''Goal: Introducing new Component.''' <br>Every new Technological Provider (TP) will join the [https://wiki.egi.eu/wiki/UMD_Release_Team UMD Release Team (URT)]. <br>Every new Component will be introduced in UMD contacting the [https://wiki.egi.eu/wiki/UMD_Release_Team URT] providing following data:
#'''Software Provisioning Process:''' That handles software delivery from software development teams, aka Technology Providers (TP), Quality Assurance and Reporting.&nbsp;
#'''UMD Release Process: '''That collects tested Products per Platform and Architecture (PPAs) into UMD Releases


#Name of the Component
<br>  
#Contacts (support email address, web site address)
#Name and contact details of the Component Development Team Leader
#Description of the Component/Purpose
#License (??)<br>


With the help of the EGI UMD Release Team (URT), the following steps need to be performed:  
Of Technology Provider interest is the Software Provisioning Process, with its 3 steps:  


#Create GGUS Support Unit to receive and handle incidents (define level of quality of support)
#'''Software Delivery''' – Technology Providers submit new software releases<br>  
#Negotiate and sign Technical Provider Underpinning Agreement (TP UA) https://documents.egi.eu/document/2282 with EGI.eu<br>
#'''Software Assessment''' – through Quality Assurance &amp; Staged Rollout  
#if applicable) list of sites that can be interested in acting as '''Early Adopters''' in the Staged Rollout phase (??)
#'''Reporting '''– inform TP about outcome of the software provisioning process


<br>  
<br>  


= Ongoing activities<br>  =
Small workflow diagram representing status of products through the Software Provisioning Process:


== Change management <br>  ==
[[Image:Software Provisioning Process.png|300px|Software Provisioning Process.png]]


'''Goal:&nbsp;To ensure changes are planned, approved, implemented and reviewed in a controlled manner to avoid adverse impact of changes to services or the customers receiving services. '''
<br>


[[Image:CM.png|600px|CM.png]]
<br>


=== Record  ===
= Initial activities - Joining UMD Release Team<br> =


#'''EGI recording system''' is [http://rt.egi.eu EGI RT]&nbsp;
To become included in [https://wiki.egi.eu/wiki/UMD_Release_Team UMD Release Team (URT)] Technology provider should provide following information:<br>  
#'''EGI&nbsp;user''' are instructed to submit changes requests in EGI RT.
#If the Component has '''other customers than EGI,''' the Provider will inform EGI about submitted change requests from other customers.
#The following information will be provided:  
#*Product Name and Version
#*What’s New (bug fixes, new features...)
#*Installation &amp; Configuration instructions (what needs to be done to correctly update the Component on the production infrastructure
#*List of Packages to be updated
#*Location where the packages are available (TP repositories, AppDB...)
#<br>


=== Classify<br> ===
#Name of the Product team
#Contacts (support email address, web site address)
#Name and contact details of the Component Development Team Leader
#Description of the Component/Purpose<br>


#All change requests should be '''classified in consistent manner'''. Classification in EGI RT is based on the Component the request is related to. <br>  
<br>  
#TP should define list of '''standard change '''requests (a Change that is recurrent, well known, has been proceduralized to follow a pre-defined, relatively risk-free path, and is the accepted response to a specific requirement or set of circumstances, where authority is effectively given in advance of implementation.). Standard change request '''doesn't need approval''' to be implemented.
#'''Emergency change''' for the Component are the highest priority change related to '''security vulnerability '''and can be implemented '''without approval '''but will be '''subject of post-review'''.


=== Assess and Approve<br>  ===
With the help of the EGI UMD Release Team (URT), the following steps need to be performed:


#Each change request should be commented by the TP with assessment of work needed to implement change.
#Create GGUS Support Unit to receive and handle incidents (define [[FAQ GGUS-QoS-Levels|level of quality of support]])
#'''Every change''' which is not a standard change or emergency change '''should be assessed '''(prioritized)'''and approved '''internally, in the URT and with OMB.
#Agree on [https://documents.egi.eu/document/2282 Technical Provider Underpinning Agreement] (TP UA) with EGI.eu<br>  
#Where needed dedicated [[AG|Advisory Group]] can be set up. The AG mandate is to help the TP in requirement prioritization and releasing process of the Component. AG provide forums to discuss the tools evolution that meet the expressed needs of the EGI community. It has representation from the all end users groups depending on the tool.<br>  
#Subscribe to the UMD Release team mailing list
#Minimum set of value for prioritization:
#*None (in RT - 0)
#*Low (in RT - 1)
#*Normal (in RT - 2)
#*High (in RT - 3)
#*Immediate/emergency (in RT - 4)


=== Implement, release and deploy<br> ===
<br>  


Phase which take place in [https://wiki.egi.eu/wiki/EGI_Software_Component_Delivery#Release_and_deployment_management Release and deployment management] (see below).<br>  
= Ongoing activities<br> =


=== Review<br>  ===
Once Technology Provider join UMD Release Team following activities should be performed each time new version of product has been released.


#Every release is subject to '''post-implementation review'''. Within one week customers are providing feedback answering to following questions:
== Software Deliver<br> ==
#*Were release notes and documentation sufficient?
#*Is the tool working as expected?<br>


== Release and deployment management  ==
'''Goal: Submitting new software releases'''


'''Goal: To bundle changes to release, so that these changes can be tested and deployed to the production environment together.'''
<br>


[[Image:RnDM.png|700px|RnDM.png]]  
#Communicate information about new update
#*E-mail to URT team
#*Update the information on the URT meeting agendas
#Information needed for each update:
#*Product Name &amp; Version
#*Release Notes as:
#**What’s New – bug fixes, new features
#**Installation &amp; Configuration instructions – what needs to be done to correctly update the product (package, service) on production infrastructure
#**List of Packages to be updated
#**Location where the packages are available:
#***TP repositories
#***[http://appdb.egi.eu/ AppDb]


=== Plan Release  ===
<br>


#Release schedules should be defined - the frequency of releases (eg. every 1-2 month).<br>
== '''Software Assessment'''  ==
#Scope of every release should be defined.
#Release should be planned in a away that OMB can be informed in at least one week time in advance.
#*all planned releases should be presented during the OMB meetings and URT meetings prior to their release to production
#*emergency releases should be presented at the first available OMB meeting and URT meeting, post-release.


=== Build Release<br> ===
'''Goal: Assessment through Quality Assurance &amp; Staged Rollout '''<br>  


#Due to the open-source nature of the developed software, each Component should have/use a '''publicly available code repository,''' like SVN, CVS, GIT
#Quality Assurance – through
#*preferred Software Versioning Control system - GITHUB (https://github.com/)  
#Quality Criteria definition – definition and updates of the Quality Criteria used in the Software Verification step
#All new releases should correspond to a new '''tag''' in the SVC
#Quality Criteria Verification
#*the Component should be packaged in an OS native format (e.g. rpm, deb)
#Packages are pulled from the TP into UMD repos (unverified) and the Verification team starts he verification of the info provided by the TP, apply QC, general and specific defined for respective product
#**packaging standards and policies should be followed (ex: [http://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard FHS], [https://fedoraproject.org/wiki/EPEL/GuidelinesAndPolicies EPEL-GuidelinesAndPolicies], [https://www.debian.org/doc/debian-policy/ Debian Policies])
#A Verification Report is provided (in DocDB) for the Staged Rollout site
#Distribution
#TP are informed regarding issues discovered, workarounds needed – through GGUS
#**new releases should be distributed as binaries through the UMD repository
#Staged Rollout
#Successful verified products are deployed on Early Adopters sites for testing in a production environment before the inclusion in the UMD production repositories.
#Reports with the results of this testing phase are recorded in DocDB


=== Test Release  ===
<br>


#Testing of the software, prior to its release, is a '''responsibility of the Provider.'''
<br>  
#Where dedicated '''AG''' exists it can be involved in the testing activity.
#'''Major or particularly important releases''' should pass acceptance testing performed by customer representatives
#When the development phase of a new release is completed an announced it should be shared in the URT and to all the actors that should be involved in the release testing (AGs). The announcement should contain:
#*release notes, containing changelog, installation &amp; configuration steps to apply the update, any known issues
#*documentation links
#*detailed test plan<br>  
#*all the information needed by the [https://wiki.egi.eu/wiki/EGI_Quality_Criteria_Dissemination conformance criteria] set by the SA2 activity for the software providers.
#*the expected release date and the kind of testing will depend on each specific release and on its importance.
#'''If a test fails''' a report will be produced and the release sent back to development to restart the cycle. Tests will include a documentation review and a documentation update if needed. The test phase can be performed internally to the development team if no other components or services are affected.


=== Document  ===
<br>


#'''The Provider is responsible for creation and maintenance of documentations''', instructions and manuals related to the Component in collaboration with EGI Operations team.
<br>  
#Before each release documentation should be checked and updated when/where needed.<br>


=== Inform  ===
<br>  
 
#'''Information about next release '''should be communicated
#*'''during OMB meeting''' (at least one week before release)
#*'''during URT meeting''' (at least one week before release)
#**One slide information should be sent to urt-discuss@mailman.egi.eu
 
=== Deploy Release  ===
 
#For '''changes of high impact and high risk''', the steps required to reverse an unsuccessful change or remedy any negative effects shall be defined.
 
=== Review Release  ===
 
#'''Each release should be monitored for success or failure''' and the results shall be analysed internally. <br>


== Incident and Problem management  ==
== Incident and Problem management  ==

Revision as of 11:11, 23 March 2015

Main EGI.eu operations services Support Documentation Tools Activities Performance Technology Catch-all Services Resource Allocation Security





EGI's UMD Provisioning activity governs and executes two main processes:

  1. Software Provisioning Process: That handles software delivery from software development teams, aka Technology Providers (TP), Quality Assurance and Reporting. 
  2. UMD Release Process: That collects tested Products per Platform and Architecture (PPAs) into UMD Releases


Of Technology Provider interest is the Software Provisioning Process, with its 3 steps:

  1. Software Delivery – Technology Providers submit new software releases
  2. Software Assessment – through Quality Assurance & Staged Rollout
  3. Reporting – inform TP about outcome of the software provisioning process


Small workflow diagram representing status of products through the Software Provisioning Process:

Software Provisioning Process.png



Initial activities - Joining UMD Release Team

To become included in UMD Release Team (URT) Technology provider should provide following information:

  1. Name of the Product team
  2. Contacts (support email address, web site address)
  3. Name and contact details of the Component Development Team Leader
  4. Description of the Component/Purpose


With the help of the EGI UMD Release Team (URT), the following steps need to be performed:

  1. Create GGUS Support Unit to receive and handle incidents (define level of quality of support)
  2. Agree on Technical Provider Underpinning Agreement (TP UA) with EGI.eu
  3. Subscribe to the UMD Release team mailing list


Ongoing activities

Once Technology Provider join UMD Release Team following activities should be performed each time new version of product has been released.

Software Deliver

Goal: Submitting new software releases


  1. Communicate information about new update
    • E-mail to URT team
    • Update the information on the URT meeting agendas
  2. Information needed for each update:
    • Product Name & Version
    • Release Notes as:
      • What’s New – bug fixes, new features
      • Installation & Configuration instructions – what needs to be done to correctly update the product (package, service) on production infrastructure
      • List of Packages to be updated
      • Location where the packages are available:


Software Assessment

Goal: Assessment through Quality Assurance & Staged Rollout

  1. Quality Assurance – through
  2. Quality Criteria definition – definition and updates of the Quality Criteria used in the Software Verification step
  3. Quality Criteria Verification
  4. Packages are pulled from the TP into UMD repos (unverified) and the Verification team starts he verification of the info provided by the TP, apply QC, general and specific defined for respective product
  5. A Verification Report is provided (in DocDB) for the Staged Rollout site
  6. TP are informed regarding issues discovered, workarounds needed – through GGUS
  7. Staged Rollout
  8. Successful verified products are deployed on Early Adopters sites for testing in a production environment before the inclusion in the UMD production repositories.
  9. Reports with the results of this testing phase are recorded in DocDB






Incident and Problem management

Goal: To restore normal/agreed service operations within the agreed time after the occurrence of an incident, and to investigate the root causes of (recurring) incidents in order to avoid future recurrence of incidents by resolving the underlying problem, or to ensure workarounds are available.

Incident and requests management

Support should be provided:

  • via the GGUS portal, which is the single point of contact for infrastructure users to access the EGI Service Desk.
  • (for incidents) According to declared level of quality of support (default: Medium) 
  • Support is provided in English
  • Support is available
    • from Monday to Friday
    • 8 h per day
  • All incidents and requests should be(assign to proper Support Unit) and prioritized according to suitable scheme.

Problems management

  1. In case of recurring incidents which cannot be solved by the Provider a GGUS ticket should be created to "Operations"  Support Unit. EGI Operations team will coordinate investigation of  the root causes of (recurring) incidents in order to avoid future recurrence of incidents. 
    • Any existing GGUS tickets which may help investigation should be marked as a child to the created ticket.

=== Planned maintenance windows or interruptions === TBD_NOT_CLEAR IF APPLICABLE TO TP/COMPONENTS

Planned maintenance should be

  • declared in GOCDB in a timely manner i.e. 24 hours before
  • with typical duration up to 24 hours otherwise needs to be justified

Unscheduled interruptions should be managed according to MAN04

Security incidents

All security incidents should be registered according to EGI_CSIRT:Incident_reporting

Monitoring

Provider is responsible for development, maintenance and support of the Component monitoring probes.

Availability and reliability threshold should be defined with EGI Operations team depending on criticality of the service.

Information Security management

Goal: to manage information security effectively through all activities performed to deliver and manage services, so that confidentiality, integrity and accessibility of relevant assets are preserved

The following rules for information security and data protection apply:
•    The Provider must define and abide by an information security and data protection policy related to the service being provided.
•    This must meet all requirements of any relevant EGI policies or procedures and also must be compliant with the relevant national legislation.

Customer relationship management

Goal: Establish and maintain a good relationship with customers receiving service

The Provider interacts with EGI.eu, primarily with OMB, the main customer of the operational tools.

Interactions between EGI.eu TPs are guaranteed through periodic phone conferences and face to face meetings (URT). A dedicated mailing list is available as well: urt-discuss@mailman.egi.eu

Interactions with customers are guaranteed through periodic OMB meetings and (if needed) dedicated Advisory Groups. The AG mandate is to help the Provider in requirement prioritization and releasing process of the Component. AG can provide forums to discuss the Component evolution that meets the expressed needs of the EGI community. It has representation from the all end users groups depending on the Component.




Retrieved from "https://wiki.egi.eu/w/index.php?title=EGI_Software_Component_Delivery&oldid=77977"